htmlentities -> htmlspecialchars
This commit is contained in:
@@ -71,13 +71,13 @@ $isadmin = isset($_SESSION[$OJ_NAME.'_'.'administrator']);
|
||||
<div id="post<?php echo $row['rid'];?>" class="md" style="text-align:left; clear:both;">
|
||||
<?php
|
||||
if($row['status']==0){
|
||||
echo htmlentities($row['content'],ENT_QUOTES,"UTF-8");
|
||||
echo htmlspecialchars($row['content'],ENT_QUOTES,"UTF-8");
|
||||
}else{
|
||||
if(!$isuser || $isadmin){
|
||||
echo "<div style=\"border-left:10px solid gray\"><font color=gray><i>".$MSG_BLOCKED."</i></font></div>";
|
||||
}
|
||||
if($isuser || $isadmin){
|
||||
echo nl2br(htmlentities($row['content'],ENT_QUOTES,"UTF-8"));
|
||||
echo nl2br(htmlspecialchars($row['content'],ENT_QUOTES,"UTF-8"));
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
Reference in New Issue
Block a user